Aller au contenu principal

Ce contenu est disponible en anglais seulement.

Back in June, we wrote a post that gave a heads up on the upcoming changes to Google Chrome. It was practically a warning to website owners that if they don't have an SSL certificate for their blog or website that it's time to get your butt in gear—with free options out there, there's no excuse to not encrypt your website data.

Well, the time is now here. Starting this week, Google Chrome will start sending “not secure” warnings to every user visiting a non-HTTPS site—not just those with form elements. This is another step by Google in helping to improve security and privacy on the internet (since 2015, https has been a positive ranking factor in their search algorithm). This week's change should be even more effective because it directly impacts the end user in a commonly used browser.

In light of this, we took a look at the recursive http traffic going to the D-Zone DNS Firewall service, specifically at four customers in the education sector. Each has a large number of users including students, faculty and administration.

When we looked at the amount of HTTP traffic that was blocked due to phishing or malware distribution, we found that in the best-case situation a full 27% of HTTP traffic got blocked as malicious. In the worst, a whopping 52% of HTTP traffic was classified thusly.

Status

Customer 1

Customer 2

Customer 3

Customer 4

Permitted

56

73

48

67

Infected or phishing page

44

27

52

33

 

Why HTTPS?

Well, when you encrypt the communications you protect users from things like data snooping and man-in-the-middle attacks.

Is it a surprise that bad guys don't use HTTPS? Probably not. To be HTTPS you need an SSL certificate, and this generally requires providing personal information - even for the free ones. In other words, this move to HTTPS will not only help safe browsing but also hopefully make it a little more difficult for people to set-up nefarious web properties.

For more information on SSL you can read our interview with our in-house expert.